Facebook to Notify Targets of Suspected State-Sponsored Cyberattacks

The new policy will provide alerts to platform users believed to be targeted by hackers after personal information.

by / October 20, 2015

Social media giant Facebook announced Friday that it would begin notifying account holders if it appeared that they had been the target of a cyberattack from a state-sponsored actor.


The company announced the changes in a statement and said the additional layer of security would give platform users a simple alert to potentially illicit activity centered on their personal accounts.


“Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state,” Chief Security Officer Alex Stamos wrote.


The new policy comes at a time when governments and private industry are more aware than ever about the threat posed by government-sponsored hacking.


In December 2014, Sony Pictures fell victim to what is believed to be a North Korean cyberattack, and in February 2015, insurance provider Anthem, Inc., was targeted and breached by what is believed to be hackers working on behalf of the Chinese government.


“While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored,” Stamos wrote. “We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.”


The chief security officer went on to say that while the company would be providing the warning to users, it would not be indicative of a larger breach of the company’s systems.

“It's important to understand that this warning is not related to any compromise of Facebook's platform or systems, and that having an account compromised in this manner may indicate that your computer or mobile device has been infected with malware. Ideally, people who see this message should take care to rebuild or replace these systems if possible,” Stamos wrote.

Despite the publicity surrounding the announcement, the company said the notifications would only be used sparingly in situations “where the evidence strongly supports our conclusion.”